Computer Security Chapter 4
Web Attacks Targeting Users
-Defaced Website -Fake Website -Fake Code
Protecting Websites Against Change
-Integrity Checksums -Signed Code
Browser Attack Types
-Man-in-the-browser -Keystroke Logger -Page-in-the-Middle -Program Download Substitution -User-in-the-Middle
Successful Identification and Authentication
-Shared Secrets -One-Time Passwords -Out-of-Band Communication -Continuous Authentication
Links to malicious web sites
Advertising potentially shady sites to a large number of people.
Dot-Dot-Slash
An attack that exploits utility programs on a web server.
SQL Injection
An attack that targets SQL servers by injecting commands to be manipulated by the database.
Cross-Site Scripting Attack
An online attack that occurs when a user visits a compromised Web site that runs a script that installs a keylogger program on the user's computer.
Malicious Web Content
-Substitute Content on a Real Web Site -Web Bugs -Clickjacking -Drive-By Download
Keystroke Logger Attack
A type of spyware program that monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information.
PGP
Pretty Good Privacy
S/MIME
Secure/Multipurpose Internet Mail Extensions
Drive-By Download
Software gets downloaded, installed, and executed on the user's computer without their permission, or even without their knowledge!
Substitute Content on a Real Web Site
Substituting real web content with fake content.
Page-in-the-Middle Attack
Can redirect the user to pages other than the one the user thinks they're connected to.
Server-Side Include
Instruction within an HTML page that directs the Web server to perform an action.
Man-in-the-browser Attack
Malicious code inserted into the browser itself (a Trojan horse) that can intercept almost anything the browser does.
Pump-and-dump
Manipulating the prices of "Penny Stocks" by altering demand on what is a limited-supply stock.
Malicious Payload
Misleading links that install malware on your computer.
MitB vs PitB
MitB more actively alters the communication stream during a legitimate connection; PitB typically redirects it to a different site.
Web Bugs
Typically, a combination of 1-x-1-pixel "images" (often the same color as their background, so they appear invisible) that, when used with tracking cookies, can keep track of which sites you have visited.
User-in-the-Middle Attack
A UitM attack gets users to solve a CAPTCHA that actually originated elsewhere; the UitM attacker then sends the solution to the CAPTCHA back to a site other than the one the user thought they were going to.
Phishing Attacks
Use e-mail messages to try to get users to disclose personal information. Spear phishing is a more refined version that uses social engineering to make the content seem more "trustworthy".
Clickjacking
What you're actually clicking on is hidden behind some other graphic.
Program Download Substitution Attack
When a user clicks on software to download / install and: -The link misdirects them somewhere else. -They get what they wanted with malware attached.